The term "firewall" refers to a security module that monitors, filters, and—if necessary—blocks data traffic between networks. The objective is to prevent unauthorized access and protect IT systems from threats such as malware, unauthorized connections, or data loss. Firewalls can be implemented as hardware, software, or a combination of both—at both network and endpoint levels.
Packet Filtering: Controls inbound and outbound data packets based on predefined rules (e.g., IP address, port, protocol).
Stateful Inspection: Analyzes the connection state to distinguish between legitimate and irregular traffic.
Deep Packet Inspection (DPI): Inspects the content of data packets to detect threats or unwanted applications.
Application-Based Filtering: Identifies and controls applications (e.g., Skype, Dropbox) regardless of port or protocol used.
Intrusion Detection/Prevention (IDS/IPS): Detects and, if needed, blocks network attack patterns in real time.
VPN Support: Secures connections via virtual private networks for protected communication with remote sites or mobile devices.
Logging & Reporting: Records security-relevant events and generates reports for analysis and traceability.
User and Role-Based Access Control: Manages network access based on user identity or group membership rules.
A mid-sized company uses a firewall to restrict ERP system access to authorized IP addresses only.
An IT administrator configures rules to block suspicious access attempts from specific geographic regions.
A company uses firewall reporting features to analyze unusually high data transfers outside of business hours.
A global enterprise secures its locations with VPN-based firewalls to enable safe remote access.
An organization deploys IDS/IPS functionality to detect and block attacks like port scanning or SQL injection in real time.